<?php
// Start (or resume) the PHP session. This runs before the HTML that follows
// this PHP block is emitted, which is what allows the session cookie header to
// be sent. The login branch later in this file stores the account's
// authorisation flag in $_SESSION['login_state'].
session_start();
// Disabled legacy code kept by the original author: registration of
// 'login_state' through session_register().
//session_register('login_state');
//$_SESSION['login_state'] ; 


?>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
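<?php
// Full open tag on purpose: the short form is only parsed when short_open_tag
// is enabled. With it disabled, everything below (table and column names
// included) would be sent to the browser as plain text instead of being run.
//=====================================================
$path = '../';
include($path."common.php");
include($path."prod_fun.php");
//=====================================================
// Form fields of the staff record, as used by the SQL statements in this file:
//   txt1 = user_id, txt2 = user_name, txt3 = user_account, txt4 = user_password,
//   txt5 = user_auth, txt6 = user_valid, txt7 = user_mail.
// The values are request data and are kept raw here. They are NOT safe to place
// in SQL, HTML or a URL as-is; escape them for the context at the point of use.
// A missing field, or one submitted as an array, is read as an empty string so
// that later string handling does not raise undefined-index or array-to-string
// notices.
$stxt1 = (isset($_POST['txt1']) && is_string($_POST['txt1'])) ? $_POST['txt1'] : '' ;
$stxt2 = (isset($_POST['txt2']) && is_string($_POST['txt2'])) ? $_POST['txt2'] : '' ;
$stxt3 = (isset($_POST['txt3']) && is_string($_POST['txt3'])) ? $_POST['txt3'] : '' ;
$stxt4 = (isset($_POST['txt4']) && is_string($_POST['txt4'])) ? $_POST['txt4'] : '' ;
$stxt5 = (isset($_POST['txt5']) && is_string($_POST['txt5'])) ? $_POST['txt5'] : '' ;
$stxt6 = (isset($_POST['txt6']) && is_string($_POST['txt6'])) ? $_POST['txt6'] : '' ;
$stxt7 = (isset($_POST['txt7']) && is_string($_POST['txt7'])) ? $_POST['txt7'] : '' ;

// Page number of the list the user came from.
// NOTE(review): the original key is the literal string '$nowpage' (single
// quotes, so no interpolation), which looks like a typo for 'nowpage'. The
// original key is still honoured first; 'nowpage' is accepted as a fallback.
// Confirm the field name against the form in staff_edit.php.
if (isset($_POST['$nowpage']) && is_string($_POST['$nowpage'])) {
    $nowpage = $_POST['$nowpage'] ;
} elseif (isset($_POST['nowpage']) && is_string($_POST['nowpage'])) {
    $nowpage = $_POST['nowpage'] ;
} else {
    $nowpage = '' ;
}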
//=====================================================
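// List page that the "返回清單" (back to list) action returns to.
$page1 = "staff_list.php" ;

// Resolve the requested action: a non-empty POST value wins, otherwise the
// query string is used, otherwise the action is the empty string and no switch
// branch matches. The isset()/is_string() guards avoid undefined-index notices
// on plain GET requests and keep an array-valued parameter out of $action.
if (isset($_POST['action']) && is_string($_POST['action']) && $_POST['action'] != "") {
    $action = $_POST['action'] ;
} elseif (isset($_GET['action']) && is_string($_GET['action'])) {
    $action = $_GET['action'] ;
} else {
    $action = "" ;
}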

//=====================================================
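// Dispatch on the requested action. Every value that reaches SQL below is
// request data, so each one is passed through mysql_real_escape_string() before
// it is placed inside the quoted literal, and every value placed in a redirect
// URL is passed through urlencode().
//
// NOTE(review): escaping is a stopgap. The mysql_* extension used here was
// removed in PHP 7.0; the durable fix is prepared statements (mysqli or PDO),
// which needs the connection code that presumably lives in common.php.
// mysql_real_escape_string() relies on the same implicit connection as
// mysql_query(), and is only charset-aware if the connection charset was set
// with mysql_set_charset() - confirm in common.php.
//
// NOTE(review): nothing in this switch checks $_SESSION['login_state'] before
// the insert/update/delete branches run. Confirm that one of the included files
// rejects requests from sessions that are not logged in; if none does, these
// branches are reachable without authentication.
switch ($action) {
    //=====================================================
    // "返回清單" (back to list): return to the list on the page the user came from.
    case "返回清單" :
        $page = $page1 . "?page=" . urlencode($nowpage) ;
        gotopage($page) ;
        break;

    //=====================================================
    // "新增資料" (new record): open the empty edit form.
    case "新增資料" :
        $page = "staff_edit.php" ;
        gotopage($page) ;
        break;

    //=====================================================
    // "修改資料" (edit record): open the edit form for the record named by ?pid=.
    case "修改資料" :
        $id = (isset($_GET['pid']) && is_string($_GET['pid'])) ? $_GET['pid'] : '' ;
        $page = "staff_edit.php?id=" . urlencode($id) . "&nowpage=" . urlencode($nowpage) ;
        gotopage($page) ;
        break;

    //=====================================================
    // "新增" (insert): create a staff account from the submitted form.
    case "新增" :
        if (empty($stxt2) or empty($stxt3) or empty($stxt4) or empty($stxt5) or empty($stxt6)) {
            $msg = "請輸入資料" ;
            $page = "staff_edit.php" ;
            msgpop($msg) ;
        } else {
            // NOTE(review): user_password is stored exactly as submitted
            // (plaintext). Moving to password_hash()/password_verify() needs a
            // column migration and a matching change in the login branch, so it
            // is flagged here rather than changed.
            $sql_add = sprintf(
                "insert into kart_manage set "
                . "user_name = '%s' , "
                . "user_account = '%s' , "
                . "user_password = '%s' , "
                . "user_mail = '%s' , "
                . "user_auth = '%s' , "
                . "user_valid = '%s' ",
                mysql_real_escape_string($stxt2),
                mysql_real_escape_string($stxt3),
                mysql_real_escape_string($stxt4),
                mysql_real_escape_string($stxt7),
                mysql_real_escape_string($stxt5),
                mysql_real_escape_string($stxt6)
            ) ;
            $result_add = mysql_query($sql_add) ;
            $msg = "資料新增完成" ;
            $page = "staff_list.php" ;
            msgpop($msg) ;
        }
        gotopage($page) ;
        break;

    //=====================================================
    // "修改" (update): overwrite the staff account whose user_id is txt1.
    case "修改" :
        if (empty($stxt2) or empty($stxt3) or empty($stxt4) or empty($stxt5) or empty($stxt6)) {
            $msg = "請輸入資料" ;
            // Fixed: the original interpolated $stxt[1], an undefined array, so
            // the redirect lost the record id. The id field is $stxt1.
            $page = "staff_edit.php?id=" . urlencode($stxt1) ;
            msgpop($msg) ;
        } else {
            $sql_up = sprintf(
                "update kart_manage set "
                . "user_name = '%s' , "
                . "user_account = '%s' , "
                . "user_password = '%s' , "
                . "user_mail = '%s' , "
                . "user_auth = '%s' , "
                . "user_valid = '%s' "
                . "where user_id = '%s' limit 1 ",
                mysql_real_escape_string($stxt2),
                mysql_real_escape_string($stxt3),
                mysql_real_escape_string($stxt4),
                mysql_real_escape_string($stxt7),
                mysql_real_escape_string($stxt5),
                mysql_real_escape_string($stxt6),
                mysql_real_escape_string($stxt1)
            ) ;
            $result_up = mysql_query($sql_up) ;

            $msg = "資料修改完成" ;
            $page = "staff_edit.php?id=" . urlencode($stxt1) ;
            msgpop($msg) ;
        }
        gotopage($page) ;
        break;

    //=====================================================
    // "刪除" (delete): remove the staff account named by ?pid=.
    // NOTE(review): this state change can be driven entirely from the query
    // string (action and pid), which leaves it open to cross-site request
    // forgery and to link prefetching. Consider requiring POST plus a
    // per-session token. No redirect follows the delete, as in the original.
    case "刪除" :
        $id = (isset($_GET['pid']) && is_string($_GET['pid'])) ? $_GET['pid'] : '' ;
        $sql_del = sprintf(
            "delete from kart_manage where user_id = '%s' limit 1 ",
            mysql_real_escape_string($id)
        ) ;
        $result_del = mysql_query($sql_del) ;
        break;

    //=====================================================
    // "登入" (login): look the account up and record its authorisation flag.
    case "登入" :
        $account = (isset($_POST['account']) && is_string($_POST['account'])) ? $_POST['account'] : '' ;
        $pwd = (isset($_POST['pwd']) && is_string($_POST['pwd'])) ? $_POST['pwd'] : '' ;
        // Without escaping, a quote in either field could rewrite this WHERE
        // clause and bypass the password comparison.
        $sql_login = sprintf(
            "select * from kart_manage where user_account = '%s' and user_password = '%s' and user_valid = 'Y' ",
            mysql_real_escape_string($account),
            mysql_real_escape_string($pwd)
        ) ;
        $result_login = mysql_query($sql_login) ;
        // A failed query or an empty result yields no row; treat both as "not
        // logged in" instead of reading a property of a non-object.
        $row_login = $result_login ? mysql_fetch_object($result_login) : false ;
        $_SESSION['login_state'] = $row_login ? $row_login->user_auth : null ;
        // NOTE(review): the session id is not regenerated on login (session
        // fixation). session_regenerate_id() cannot simply be added here because
        // output has already started before this point; the login handling
        // would have to run before any output is sent.
        if ($_SESSION['login_state'] == "S") {
            $page = "staff_list.php" ;
        } else {
            $msg = "使用者帳號或密碼錯誤。" ;
            $page = "staff_login.php" ;
            msgpop($msg) ;
        }

        gotopage($page) ;
        break;

    //=====================================================
    // "登出" (logout): drop the session and return to the login form.
    case "登出" :
        session_destroy();
        $page = "staff_login.php" ;
        gotopage($page) ;
        break;
    //=====================================================
}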

?>